News and observations on websites, technology, and more - from the folks at SolTerra Communications.

Thursday, July 9, 2015

HTTP vs HTTPS

When a
website asks you to enter your credit card information, do you look to see if
the web address begins with https://
?If it doesn't, you should never enter
sensitive information like a credit card number.

There are
two primary protocols used to transmit data through the internet for websites, http and https.

Http or
the hypertext transfer protocol is the language used to send information
back and forth between web servers and clients. The important thing is the letter S which makes the difference between
HTTP and HTTPS.The problem with http is
that it is vulnerable to people who might want to eavesdrop on your activity. It may not be a serious problem if all you are
doing is watching YouTube videos or googling for information.The true problem arises when you are sending
or receiving data that is confidential or sensitive.For example, when you buy something on-line
and pay for it with your credit card, your credit card number gets sent across
the internet. If you are using http for
an on-line transaction it makes it very easy for malicious people to gain
access to your financial information.

The Internet’s answer to ensure your confidential information is
protected is https, a secured connection
that transmits data over the internet in an encrypted form. This security method
means that even if someone is eavesdropping, the data they get would not be
comprehensible or usable because they don’t have the means to decrypt it. The entire message is
decrypted only when it arrives at its designated location.Https is used in many situations, such
as log-in pages for banking, forms, corporate log-ins, and other applications
in which data needs to be secure. However,
if not implemented properly, https is not
infallible, and therefore it is extremely important for end users to be wary
about accepting questionable certificates and cautious with their personal
information while using the Internet.

So why
don’t we convert everything to https so that everything is secured?Although that is possible, transmitting data
via https requires additional processing power to encrypt/decrypt the
data.This could cause massive slowdowns
on the servers that process millions if not billions of data each day.That is why https is only used in certain
pages that contain sensitive information like credit card numbers or passwords.